Website on a LAMP or LEMP stack using Terraform
To create an infrastructure for a website on a LAMP or LEMP stack using Terraform:
- Prepare your cloud.
- Create an infrastructure.
- Upload the website files.
- Check that the website is running.
We will use the example.com
domain name as an example.
If you no longer need the resources you created, delete them.
Prepare your cloud
Sign up for Yandex Cloud and create a billing account:
- Go to the management console
and log in to Yandex Cloud or create an account if you do not have one yet. - On the Yandex Cloud Billing
page, make sure you have a billing account linked and it has theACTIVE
orTRIAL_ACTIVE
status. If you do not have a billing account, create one.
If you have an active billing account, you can go to the cloud page
Learn more about clouds and folders.
Required paid resources
The cost of supporting the website infrastructure includes:
- Fee for a continuously running VM (see Yandex Compute Cloud pricing).
- Fee for using a public IP address (see Yandex Virtual Private Cloud pricing).
- Fee for public DNS queries and DNS zones if using Yandex Cloud DNS (see Cloud DNS pricing).
Create an infrastructure
Terraform
For more information about the provider resources, see the documentation on the Terraform
If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.
To create an infrastructure using Terraform:
-
Specify the source for installing the Yandex Cloud provider (see Configure a provider, step 1).
-
Prepare files with the infrastructure description:
Ready-made archiveManually- Create a directory for files.
- Download the archive
(1 KB). - Unpack the archive to the directory. As a result, it should contain the
lamp-lemp.tf
configuration file and thelamp-lemp.auto.tfvars
file with user data.
-
Create a directory for the file with the infrastructure description.
-
Create the
lamp-lemp.tf
configuration file in the directory:lamp-lemp.tf# Declaring variables for user-defined parameters variable "zone" { type = string } variable "folder_id" { type = string } variable "vm_image_family" { type = string } variable "vm_user" { type = string } variable "ssh_key_path" { type = string } variable "dns_zone" { type = string } # Adding other variables locals { network_name = "web-network" subnet_name = "subnet1" sg_vm_name = "sg-web" vm_name = "lamp-vm" dns_zone_name = "example-zone" } # Provider configuration terraform { required_providers { yandex = { source = "yandex-cloud/yandex" version = ">= 0.47.0" } } } provider "yandex" { folder_id = var.folder_id } # Creating a cloud network resource "yandex_vpc_network" "network-1" { name = local.network_name } # Creating a subnet resource "yandex_vpc_subnet" "subnet-1" { name = local.subnet_name v4_cidr_blocks = ["192.168.1.0/24"] zone = var.zone network_id = yandex_vpc_network.network-1.id } # Creating a security group resource "yandex_vpc_security_group" "sg-1" { name = local.sg_vm_name network_id = yandex_vpc_network.network-1.id egress { protocol = "ANY" description = "any" v4_cidr_blocks = ["0.0.0.0/0"] } ingress { protocol = "TCP" description = "ext-http" v4_cidr_blocks = ["0.0.0.0/0"] port = 80 } ingress { protocol = "TCP" description = "ext-https" v4_cidr_blocks = ["0.0.0.0/0"] port = 443 } } # Adding a ready-to-use VM image resource "yandex_compute_image" "lamp-vm-image" { source_family = var.vm_image_family } resource "yandex_compute_disk" "boot-disk" { name = "bootvmdisk" type = "network-hdd" zone = "ru-central1-a" size = "20" image_id = yandex_compute_image.lamp-vm-image.id } # Creating a VM resource "yandex_compute_instance" "vm-lamp" { name = local.vm_name platform_id = "standard-v3" zone = var.zone resources { core_fraction = 20 cores = 2 memory = 1 } boot_disk { disk_id = yandex_compute_disk.boot-disk.id } network_interface { subnet_id = yandex_vpc_subnet.subnet-1.id nat = true security_group_ids = [yandex_vpc_security_group.sg-1.id] } metadata = { user-data = "#cloud-config\nusers:\n - name: ${var.vm_user}\n groups: sudo\n shell: /bin/bash\n sudo: 'ALL=(ALL) NOPASSWD:ALL'\n ssh-authorized-keys:\n - ${file("${var.ssh_key_path}")}" } } # Creating a DNS zone resource "yandex_dns_zone" "zone1" { name = local.dns_zone_name zone = var.dns_zone public = true } # Creating a type A resource record resource "yandex_dns_recordset" "rs-a" { zone_id = yandex_dns_zone.zone1.id name = var.dns_zone type = "A" ttl = 600 data = [ yandex_compute_instance.vm-lamp.network_interface.0.nat_ip_address ] } # Creating a CNAME resource record resource "yandex_dns_recordset" "rs-cname" { zone_id = yandex_dns_zone.zone1.id name = "www" type = "CNAME" ttl = 600 data = [ var.dns_zone ] }
-
In the directory, create the
lamp-lemp.auto.tfvars
file with user data:lamp-lemp.auto.tfvarszone = "<availability_zone>" folder_id = "<folder_ID>" vm_image_family = "<VM_image_family>" vm_user = "<VM_username>" ssh_key_path = "<path_to_public_SSH_key>" dns_zone = "<DNS_zone>"
For more information about the parameters of resources used in Terraform, see the provider documentation:
-
In the
lamp-lemp.auto.tfvars
file, set the user-defined parameters:zone
: Availability zone that will host the VM.folder_id
: Folder ID.family_id
: Specify the family of one of the VM images with a relevant set of components:vm_user
: VM username.ssh_key_path
: Path to the file with a public SSH key to authenticate the user on the VM. For more information, see Creating an SSH key pair.dns_zone
: DNS zone. Specify your registered domain with a period at the end, e.g.,example.com.
.
To get access to public zone domain names, you need to delegate the domain. Specify the addresses of thens1.yandexcloud.net
andns2.yandexcloud.net
servers in your personal dashboard at your registrar.
-
Create resources:
-
In the terminal, change to the folder where you edited the configuration file.
-
Make sure the configuration file is correct using the command:
terraform validate
If the configuration is correct, the following message is returned:
Success! The configuration is valid.
-
Run the command:
terraform plan
The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.
-
Apply the configuration changes:
terraform apply
-
Confirm the changes: type
yes
in the terminal and press Enter.
-
-
Get the public IP address of the VM: you will need it later to upload the website files.
After creating the infrastructure, upload the website files.
Upload the website files
To test the web server, upload the index.html
file to the VM. You can use a test file
-
Under Network on the VM page in the management console
, find the VM's public IP address. -
Connect to the VM via SSH.
-
Grant your user write access to the
/var/www/html
directory:sudo chown -R "$USER":www-data /var/www/html
-
Upload the website files to the VM via SCP
.Linux/macOSWindowsUse the
scp
command-line utility:scp -r <path_to_file_directory> <VM_username>@<VM_IP_address>:/var/www/html
Use WinSCP
to copy the local file directory to/var/www/html
on the VM.
After uploading the files, check that the website is up and running.
Check that the website is up and running
To test the site, enter its IP or domain name in your browser:
http://<public_IP_of_VM>
http://www.example.com
How to delete the resources you created
To stop paying for the resources you created:
-
Open the
lamp-lemp.tf
configuration file and delete from it the description of the infrastructure you created. -
Apply the changes:
-
In the terminal, change to the folder where you edited the configuration file.
-
Make sure the configuration file is correct using the command:
terraform validate
If the configuration is correct, the following message is returned:
Success! The configuration is valid.
-
Run the command:
terraform plan
The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.
-
Apply the configuration changes:
terraform apply
-
Confirm the changes: type
yes
in the terminal and press Enter.
-